Signature Detail

Short Name	UDP:XTACACSD-BO
Severity	Medium
Recommended	No
Recommended Action	Drop
Category	UDP
Keywords	XTACACS Protocol Long Username Buffer Overflow
Release Date	2013/08/12
Update Number	2289
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

UDP: XTACACS Protocol Long Username Buffer Overflow

This signature detects attempts to exploit a known vulnerability against XTACACS Protocol . A successful attack can lead to arbitrary code execution.

Extended Description

Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command.

Affected Products

netplex-tech xtacacsd 2.0
netplex-tech xtacacsd 3.0
netplex-tech xtacacsd 3.1
netplex-tech xtacacsd 3.2
netplex-tech xtacacsd 3.3
netplex-tech xtacacsd 3.4
netplex-tech xtacacsd 3.5
netplex-tech xtacacsd 4.0
netplex-tech xtacacsd 4.1
netplex-tech xtacacsd 4.1.1
netplex-tech xtacacsd up to 4.1.2

References

CVE: CVE-2008-7232

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

UDP: XTACACS Protocol Long Username Buffer Overflow

Extended Description

Affected Products

References